So are we done pretending that Linux is the most secure operating system now? Because we've had these kinds of root exploits for as long as there's been Linux servers. And I've been the one that had to patch dozens of systems every damn time, as far back as 1998.
What would you suggest instead?
Windows?
>implying Windows is any more secure
https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3238
>>57288937
BSD, perhaps, but Windows isn't bad these days.
>>57288951
Let's put it this way. I patch the Windows servers for serious problems a lot less often. I also patch the other application software less often.
>>57288976
>I patch the Windows servers for serious problems a lot less often.
>less updates = good thing
Are you literally retarded?
>>57289004
Dude there's no such thing as a bulletproof OS. So the least problems it the best.
It's like politics. You pick the shiniest turd.
>>57288824
No one cares about your opinion, or you experience. You are literally nobody.
sage
>>57289037
>gets burrhurt
>tries to use the defeatist tactic
Go to bed, kid.
>>57288824
DirtyCOW was the tipping point for my IT department, the last of the servers are going to Windows.
not an argument
>>57289063
see
>>57288951
sage
>>57289007
>least problems
>Windows
pick one and only one
>>57289075
quit making shit up. Has not even been found in the wild, and requires physical access. Already patched. You don't work in the industry, you know nothing.
sage
Ok
>>57288824
>So are we done pretending that Linux is the most secure operating system now
yes, we established that Linux is the most secure operating system now
>>57288824
>Pointing to a single patched exploit is enough to prove that an operating system is the most/least secure.
Do you not understand how comparisons work?
>requires physical access
It's fucking nothing, fuck outta here Pajeet.
>>57290129
>DirtyCOW
>requires physical access
What? No.
>>57288824
Tried exploit code on Slackware 14.2.
Needs mmap which needs ghc as adependency.
Slackware does not ship with these and compiling took a long time.(ghc requires 4.3 gb).
Code wouldnt work because it calls on madvise and 14.2 has madvise2.
Didnt work.
>>57290841
>same here
Still some faggot try to use this meme CVE as a FUD against linux. Maybe this is the 10th times i see this crap in catalog.
>>57290928
Yeah, and all for a local exploit.
This is all they have got on us.
Anyways, getting back to not giving a shit.
>Applies kernel update
>Three second reboot
>First Linux kernel vulnerability in ages fixed
>Apply updates to Windows server
>Takes ninety minutes
>Seven minutes after reboot, fully functional again
>Oh look, those updates unlocked more updates that were dependant on them.
>Eventually secured until next month's updates
>>57288976
windows doesn't patch anything but crytical bugs / blue screen etc. i.e. Really obvious ones
>thinks you're more secure
kek
>>57288824
Hey, it's patched now, dingus. Linux is perfectly safe.
>>57291071
Hopefully that windows server belongs to somebody else and not (you).
>>57291112
I have around 45 Windows servers that behave exactly as described for Windows 2008 and Windows 2012.
The only saving grace is that I no longer have to update my Windows 2003 servers.
</sarcasm>
>>57291101
I dont even think Slackware 14.2 was vulnerable in the first place.
I generated a modular kernel from the huge kernel which isnt the same as the standard linux kernel though.
>>57291080
Actually this is where Windows is horrible. Look at this shit:
https://support.microsoft.com/en-au/kb/3135020
Something like half of these are "addresses random BSOD" and "addresses random data corruption". Serious shit, which for some fucking reason is mostly missing from Windows Update.
Yes, you too can download 300+ updates on a fresh install so that you can fix issues like "removes a font", but wait until your business critical server starts blowing shit up and hey, here's a massive list of updates to go and find yourself.
>>57288824
>I've been the one that had to patch dozens of systems every damn time, as far back as 1998.
You sir are a liar.
>>57289089
Proportionally that's great
are any of these memory exploits even applicable to hardened kernels (protecting memory/execution) and sandboxed processes?
>>57288824
>The Windows and OSX kernels are secure
>Immediately deploying security patches and spreading awareness is a bad thing
>>57291655
They're not applicable to huge kernels.
So far from my testing.
>>57288824
>most secure
Its a childish mind that thinks in absolutes and hyperbola.
Security is relative to threat. If there were an absolutely secure OS, only the system would be in command. Making it unusable by people.